With ransomware attacks on the rise, cybercrime gangs are no longer demanding payments to be made with Bitcoin, a cryptocurrency that was once thought to provide anonymity even though this was never really the case. There was a time when law enforcement agencies did not have the knowledge nor resources to trace nefarious Bitcoin transactions, but that is certainly not the current situation; for this reason, malicious hackers have been shifting towards privacy-oriented digital currencies such as Monero.
According to a recent report published by the Wall Street Journal, hackers responsible for the recent wave of Sodinokibi ransomware attacks are no longer demanding payments in Bitcoin; the cryptocurrency these groups have chosen to ply their wicked trade is Monero, which trades under the XMR symbol. Even though Monero is relatively new in the world of cryptocurrency trading, it has always been associated with the underground economy by virtue of its strong privacy features.
One major victim of the Sodinokibi ransomware was recently forced to pay more than $2 million to a cybercrime group, and the transaction was settled in Monero. Travelex, a company that specializes in providing foreign currency services, learned of a major cyber attack in late 2019, but hackers had already breached their networks months before a ransomware note was delivered. This was not a standard ransomware attack in the sense that hackers did more than just encrypt sensitive files; they also siphoned compromising information that was ultimately used to blackmail the executive board, thus underscoring the need to comply and make the Monero transaction.
Even though the standard recommendation from information security professionals and law enforcement agents is to never go along with ransom payments, this was a different situation for Travelex. This incident suggests that hackers know about the preventive measures being taken by businesses that frequently conduct secure backups; this is one of the most effective mitigation strategies against ransomware attacks, thus prompting hackers to take additional steps such as digging for confidential information that can be dangled as blackmail.
The deep obfuscation and plausible deniability features of Monero will likely continue to make it an attractive digital currency for malicious hackers.